On Saturday 06 December 2003 11:01 pm, Richard Davey wrote: > Yes, check the $_FILES['userfile']['type'] after upload. > That can be spoofed. There isn't really a way to determine file types...
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
